CIMIP - Center for Identity Management and Information Protection

October 2012 News Archive

October 31, 2012

Capo Beach Man Sentenced for Identity Theft

A Capistrano Beach man was sentenced Friday to 25 years in jail after pleading guilty to 50 counts, including 33 counts of identity theft and 13 counts of grand theft. full article

“Horrible Rumor Spreading About You” Twitter DMs Lure Users to Malicious Sites

In the past period, many cybercriminals have turned to direct messages (DMs) on Twitter in order to spread their malicious links. If last time they were relying on outrageous pictures, this time they’re leveraging horrible rumors. full article

Local Woman Sues Barnes & Noble for Identify Theft

One of the customers of the Deerfield store says the bookseller did not properly secure her personal information before its PIN pads were hacked. The Evanston store was also hacked.

A Deerfield woman sued Barnes & Noble for invasion of privacy claiming her credit card information was stolen when shopped at the booksellers’ Deerfield store in August and September, according to a complaint filed Monday in federal court in Chicago. full article

Trial starts for TN man accused of ID theft, health care fraud

The trial for a Cuban accused of setting up a false medical care online billing services company in Gainesboro, Tenn., began Tuesday in U.S. District Court in Nashville with charges that he had perpetrated health care fraud, aggravated identity theft and money laundering. full article

Here are the top 5 Best Ways to Avoid Post-Sandy Scams

In the wake of any major and destructive weather event, there is always confusion, misinformation, and disarray. But if you’re lucky enough to live in a place like the U.S., there is also a massive outpouring of aid. full article

Latest target for identity thieves? Military pay

TAMPA — Much is demanded of soldiers. In exchange they get pride and pay. But identity theft claimed even the pay last month for four military personnel at Fort Bragg, N.C., one of America's biggest Army bases. full article

Identity theft spreading to social network sites

People are becoming wiser about how they share their credit-card information and not giving key information, such as Social Security numbers or mothers’ maiden names, out over the phone to protect their identities. However, according to the Identity Theft Resource Center, those wishing to steal personal information for their own selfish reasons are now using cellphones and social media to gain access to personal information they can use to access bank accounts, loans, etc. full article

October 30, 2012

Ore. man gets 4 years for role in ID theft ring

PORTLAND, Ore. (AP) — A federal judge has sentenced a Portland man to more than four years in prison for using his graphic design skills to create high-quality fake identification documents for a team of identity thieves. full article

Fresno woman held on 224 counts of ID theft

FRESNO, Calif.—A 45-year-old Fresno woman is facing identity theft and burglary charges involving 61 people who live between Visalia and Sacramento. full article

Ex-Portsmouth restaurateur seeks more time in theft case

A former Portsmouth restaurateur charged with tapping into his customers’ credit cards for extra cash is asking for more time to prepare for trial, claiming he needs to examine a slew of evidence. full article

Montreal man to remain in jail on bank-fraud charges

A Montreal man accused of using fake identification to open bank accounts in the Halifax area will spend at least three more weeks behind bars before he seeks bail. full article

Experts urge those affected by hacking to take precautions against identity theft

State and federal law enforcement agencies on Monday were still investigating the cyber-attack that might have jeopardized the tax returns of millions of South Carolina residents. full article

‘Democrat of the Year’ loses title after felony conviction

Jefferson County, Colo. Democrats have revoked 66-year-old Estelle Carson’s 2012 “Democrat of the Year” award, following her conviction on Thursday for stealing from a 71-year-old woman who suffers from both partial blindness and cerebral palsy. full article

Identity theft suspects steal Camaro

RENO, Nev. (KRNV & -- Reno Police are looking for two suspects who used a false identity and stole a high-priced Camaro. full article

October 29, 2012

Identity theft suspected in illegal acces of prescription drug tracking system

This week Washington’s Prescription Monitoring Program sent letters to 34 people whose records were illegally accessed by someone who used a physician’s identity. full article

Identity theft: Woman's identity stolen by adoptive mother

At three months old, a woman was adopted into a new family. “My adopted mother changed my name to her name,” she says. full article

Scam artists get tax refunds through ID theft

Creative crooks have found a new way of using stolen identity details to defraud people - illegally applying for tax refunds. full article

Cyber Attack on S.C. Department of Revenue Exposes 3.6 Million

COLUMBIA -- The South Carolina Department of Revenue announced Friday that a cyber attack has exposed 3.6 million Social Security numbers and 387,000 credit and debit card numbers. full article

Two arrested for stealing from college district

Two 42-year-old former employees of the San Mateo County Community College District are facing multiple felonies after working together to misuse the agency's credit cards resulting in about a $150,000 loss, according to District Attorney Steve Wagstaffe. full article

Police: Duo Charges Over $1,500 in Identity Theft

Stolen credit card information at the Hilton Garden Inn in Oaks led to the arrest of a Norristown woman.

On Oct. 19, Upper Providence police were called to the Hilton Garden Inn, located at 500 Cresson Blvd. in Oaks, for the report that guests were using stolen credit card information. full article

D.P. Crime Ring Leader Gets 25 Years for ID Theft

Christopher John Aragon, 52, Capistrano Beach, pleaded guilty Friday to 50 felony counts including 33 counts of unauthorized use of personal identifying information, says district attorney.

Christopher John Aragon, 52, of Capistrano Beach, regarded as the leader of a crime ring was sentenced Friday to 25 years in state prison for stealing thousands of personal identities and counterfeiting credit cards to buy high-end goods to be resold on eBay and Craigslist, according to the Orange County District Attorney's office. full article

Court exempts union bosses from laws against identity theft

One November day in 2007, 33 AT&T workers in central North Carolina found out that their Social Security numbers and other private information had been posted for the world to see -- exposing them to identity theft and credit fraud. full article

Ex-State Dept. worker admits identity theft; used passport information to get credit cards

WASHINGTON — A former State Department employee has pleaded guilty to an identity theft plot in which he and others used stolen credit cards to make more than $70,000 in purchases. full article

Woman charged in St. Charles with aggravated ID theft vs. 65-year-old

ST. CHARLES — A 42-year-old West Chicago woman has been charged with using a Colorado resident’s identity, police said Friday. full article

Police investigate identity theft cases

Two Bloomfield Township residents reported attempted identity theft to police after they received suspicious letters from collection agencies. full article

New ID theft scam: Luring people to fake IRS website

Watch out for a website that mimics part of the official Internal Revenue Service website. Identity theft scamsters are using the fake website to lure people into giving personal information that could be used to steal their money or identity, said Mike Dobzinski, the Plantation-based spokesman for the Internal Revenue Service. full article

Child actor is victim of sinister identity theft after fraudster sets up Twitter account in his name and impersonates him for seven months

A promising child actor has spoken out after being subjected to a seven-month-long Twitter hoax which cruelly took advantage of his fans. full article

Briefs: Trio suspected of identity theft

A female and two male residents of the Yuba-Sutter area are suspected of identity theft following their arrest Saturday in Butte County at a Walmart store. full article

IP Theft, Supply Chain Security Major Worries for Government, Former Cybersecurity Czar Says

ANAHEIM, CALIF.--The theft of intellectual property through attacks on U.S. networks, both government-owned and private, has become one of the major concerns for officials at the top level of the federal government, not just among security staffs, but at the upper echelons of the White House and intelligence agencies, as well, the former top cybersecurity adviser to President Obama said. full article

October 25, 2012

Identity theft crushes Gladwin couple, $30,000 in debt racked up

GLADWIN COUNTY, MI (WNEM) - Identity theft can happen to any of us, without even realizing it. One Mid-Michigan couple's story serves as a warning about a new wave of thieves. full article

Man Crawled on Theater Floors, Stealing Money From Female Movie Watchers

A jury found a Philadelphia man guilty of credit card fraud and indentity theft using a unique method to prey on his victims: He crawled around movie theater floors in the dark, stealing from women's purses. Prosecutors said he preferred to attend chick flicks, where plenty of women would show up. full article

ID Theft Ring Hits Henderson County

HENDERSON COUNTY, Tenn.- An outbreak of identity theft reports has residents in Henderson double checking their bank accounts, and investigators with few resources. full article

Attempted Gearys Beverly Hills? Purchases Tied to Identity Theft Scheme

A Park La Brea man was sentenced to six years in federal prison for his role in stealing the identities of elderly credit card holders in an effort to buy expensive merchandise.

A Park La Brea man was sentenced Monday to 76 months in federal prison for his role in an international identity theft and credit card fraud scheme targeting elderly cardholders. full article

Tuckahoe Resident Suffers $2,500 Identity Theft

TUCKAHOE, N.Y. – A Tuckahoe resident reported to police that he was the victim of identity theft on Tuesday after unauthorized charges showed up on his account. full article

Man from Bulgaria and Florida woman get 10 years prison for identity theft

A USAO press release of Oct. 22 , 2012, reports a Birmingham federal judge Monday, sentenced a Bulgarian man and a Florida woman for their part in a multi-state operation in which they secretly skimmed bank customers’ identification at ATMs and used the stolen information to create hundreds of counterfeit debit cards, announced U.S. Attorney Joyce White Vance and U.S. Secret Service Special Agent in Charge Roy Sexton. full article

Ex-banker pleads guilty to $121,000 identity theft scheme in DC

WASHINGTON — A former personal banker has pleaded guilty to taking part in an identity theft scheme involving $121,400 in forged checks. full article

More felony counts added in summer ID theft scheme

A man charged with several felonies in connection with a complex identity-theft scheme faces three more counts after he was linked to credit-card skimmers discovered at a Plymouth gas station. full article

Kansas case puts face on 'total identity theft'

WICHITA, Kan. (AP) — When Candida L. Gutierrez's identity was stolen, the thief didn't limit herself to opening fraudulent credit and bank accounts. She assumed Gutierrez's persona completely, using it to get a job, a driver's license, a mortgage and even medical care for the birth of two children. full article

Woman facing identity theft charge

ABERDEEN, Miss. (WTVA) -- Tawina Koshay Westbrook, 28, of Aberdeen was arrested by Monroe County Sheriff Department on October 22. full article

Attorney General Madigan: Chicago Man Sent to Prison in Identity Theft Scheme

Chicago--(ENEWSPF)--October 23, 2012. Attorney General Lisa Madigan today announced a Chicago man pled guilty and was sentenced to four years in prison for possessing hundreds of stolen gift and credit cards with access to thousands of dollars held by the victims of his identity theft scheme. full article

Woman wanted for identity theft

BATON ROUGE, LA (WAFB) - Detectives are looking for a woman that opened a charge account in someone else's name. full article

October 24, 2012

Credit Card Data Breach at Barnes & Noble Stores

WASHINGTON — Hackers have stolen credit card information for customers who shopped as recently as last month at 63 Barnes & Noble stores across the country, including stores in New York City, San Diego, Miami and Chicago, according to people briefed on the investigation. full article

FTC: Companies should limit facial recognition in some cases

The agency releases a list of guidelines and best practices for the use of facial recognition technology

IDG News Service - Web companies using facial recognition technology should avoid identifying anonymous images of consumers to someone who could not otherwise identify them, unless the companies have the consumers' consent, a U.S. Federal Trade Commission report said. full article

The FBI Warns of Dating Extortion Scams and Payday Loan Schemes

The US Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has issued an alert to warn Internet users about the new twists added by scammers to previously existing scams. The advisory comes after the agency received a large number of complaints from victims. full article

Sony PlayStation 3 firmware reportedly hacked

Summary: Chinese hacker group, BlueDisk-CFW, releases leaked tool which circumvents the game console's latest 3.60 firmware that had plugged security holes from the unauthorized access by another hacker group last year. full article

Facebook donates cash seized from spammers to cyber CSI lab

Ill-gotten $250k for Koobface, GhostClick takedown team

Facebook has donated $250k it seized from spammers to an academic centre of excellence in the fight against cybercrime. The University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research will use the cash to build an expanded version of the faculty, due to open next year. The centre helped researchers at Facebook to track down the infamous Koobface gang and helped to unravel the even more notorious GhostClick (DNSChanger) scam, among other work. full article

October 23, 2012

Verizon DBIR Analysis: Insiders Often Complicit in Breaches of Intellectual Property

Verizon has further dissected breach data from its annual Data Breach Investigations Report (DBIR) and built a profile of intellectual property theft that points to a disturbing combination of factors leading to successful infiltrations by cybercriminals, competitors, hacktivists and nation-state sponsored attackers. full article

Spammers abuse .gov URL shortener service in work-at-home scams

pen redirect vulnerabilities on .gov websites allow spammers to abuse .gov URL shortener service, Symantec researchers say

IDG News Service - Spammers have found a way to abuse a URL shortener service destined for U.S. government social media activities in order to craft rogue .gov URLs for work-at-home scams. full article

7 Costly IAM Mistakes

Blunders that lead to costly identity and access management failures

While IAM project failures may not quite rank up there with the biggest ERP blunders on record, they still rank high among some of IT security's most embarrassing waste of investment. When organizations fail to properly align business processes with technology, don't account for the dynamic demands of users in accessing IT assets and don't confer with the right stakeholders prior to deployment, IAM initiatives are put at risk. full article

Fake PayPal Emails Distributing Malware

Cybercriminals are mimicking the online payment processor PayPal in a malicious spam campaign that attempts to dupe customers into downloading malware from links in seemingly authentic emails, according to a Webroot report written by Dancho Danchev. full article

ISPs can slow or suspend web use under anti-piracy program

Web users accused of piracy can soon expect punishment from their internet service providers (ISPs), which may range from educational messages to slower surfing speeds and suspension. full article

Aus student data stored for Google ads

EU reforms may keep students commercial free

Australian students may be spared potentially invasive digital data access from Google following the Privacy Commission’s decision to back the EU’s reforms regarding Google's new privacy policy. full article

October 22, 2012

Woman Sentenced to 4 Years After Skimming 237 Bank Accounts

A 43-year-old woman has been sentenced to four years in prison and five years of supervised release after being found guilty of skimming the bank accounts of 237 unsuspecting individuals. She will also have to pay $125,241 (97,000 EUR) in restitution. full article

Judge Dismisses Much of PlayStation Hacking Suit

(CN) - A federal judge dealt a blow to PlayStation users who say that a Sony security breach exposed more than 69 million personal and credit card accounts to theft. full article

M Qube, Mobile Messenger fraudulent Unauthorized Instant Messaging Billing through Sprint Ripoff Internet

I recently started receiving text messages on my phone, from SMS number 76284. Thinking them to be prank messages, I deleted them, and to my horror, the SMS's continued. So I called Sprint PCS and was informed that I had "signed-up" for premier SMS service. full article

Police investigating identity theft in Littlestown

Pennsylvania State Police are investigating an identity theft after a Littlestown resident's Discover Card account information was obtained and charged with several postage purchases to the account on Sept. 11 through Sept. 13. full article

Osawatomie Man Convicted of Medicaid Fraud, Identity Theft

An Osawatomie man was convicted Wednesday on multiple charges related to a Medicaid fraud scheme. full article

Group arrested in Naperville for identity theft, forgery

Seven people have been arrested in Naperville and charged with being part on an international crime organization which has allegedly defrauded dozens of people in the Naperville area. full article

Tracey Nelson, member of identity theft ring, pulled unemployment while locked up for her crimes

Nelson was sentenced to 6 to 18 years for forwarding donor information from employer UJA-Federation to identity theft ring

A key member in a wide-spread $2 million identity theft ring that targeted a Jewish charity, banks and a car dealership collected unemployment checks even after she was busted, her lawyer admitted at her sentencing Friday. full article

October 19, 2012

Ore. woman arrested, accused of theft, identity theft involving elderly woman

SALEM, Ore. — Police in the small Willamette Valley town of Turner, Ore., have arrested a 33-year-old woman accused of opening credit card accounts in the name of an 81-year-old acquaintance and buying an estimated $15,000 worth of goods for herself. full article

Glendale Man Sentenced to 70 Months for Identity Theft Scheme

(Source: FBI) - MEDFORD, OR—On October 15, 2012, U.S. District Judge Owen M. Panner sentenced Tigran Khachatrian, 46, of Glendale, California, to 70 months in federal prison for aggravated identity theft and possession of counterfeit access devices. full article

5 Crucial Steps To Protect Servicemembers From Identity Theft, Fraud

In May 2012, 22-year-old Jobson Cenor, a U.S. Marine stationed in Afghanistan, was arrested for allegedly selling the names, dates of birth and Social Security numbers of fellow Marines serving in Afghanistan. Allegedly, Cenor’s co-conspirator used the identities to file phony tax returns and reap the refunds, according to the U.S. Attorney's Office. And that wasn't an isolated case. full article

Requesting Sensitive Data Via Google Docs: Phishing Really is That Easy

Please leave your credit card number, its expiration date and security code, along with your full name and billing address in the comments section of this blog post. You’re obviously not going to do this. You know better, I know better, but there are those who don’t. So many, in fact, that scammers are not only comfortable with and willing to invest in scams no more or less complicated, but they are also confident that the scams will succeed. full article

Canada House of Commons Contractor Accused of Hacking Quebec Government Site

The Royal Canadian Mounted Police (RCMP) claims that a 28-year-old man working on contract for the House of Commons and the RCMP is responsible for disrupting the official website of the Quebec government. full article

Man's identity theft attempt falls flat at Des Moines bank

A man is in hot water for allegedly dressing up in a ridiculous costume in an attempt to impersonate another man and steal his debit card. full article

Police weigh extent of ID theft case

GRANDVIEW — Two identity theft suspects are in Yakima County jail while investigators wade through a mountain of paperwork to chronicle the extent of their alleged fraud. full article

french android malware writer arrested for stealing $653,700

A French hacker has been arrested for spreading a virus through fake smartphone applications. Prosecutors say he stole tiny sums from 17,000 people, amassing about 500,000 euros (£405,000) since 2011. full article

October 18, 2012

'Habitual offender' to be arrested by Westport Police for ID?thefts

WESTPORT?--?A?prolific identity thief, collared earlier this month by Stamford Police, will soon face charges in relation to a series of Westport thefts. full article

Renters beware: ID theft, financial scam in home ads

Potential home renters need to be aware of a scam created to bilk you of money and / or to steal your identity. According to a local real estate agent, the scam has appeared on at least two websites, craigslist and full article

New York man pleads not guilty to identity theft, attempted forgery

BENNINGTON -- A New York man was held without bail Monday after he pleaded not guilty to a string of identity theft and forgery related complaints. full article

New Verizon Marketing Initiative May Violate Users’ Privacy

Verizon has drawn the ire of its customers and privacy advocates this week because a new initiative launched by the telecom company may violate users’ privacy. full article

Who is tweeting from the NSA's parking lot?

The open source intelligence platform Maltego shows the power of collating publicly available information

IDG News Service - From Google Maps, the U.S. National Security Agency's parking lot has a larger footprint than the building itself. And for the high secrecy surrounding what goes on inside, there is plenty of information flowing just outside. full article

Phishy Direct Messages Link to Fake Twitter Sign-in Page

A wave of spammy direct messages on Twitter contain URLs leading to what appears to be a Twitter login page, but is actually a phishing site trying to pilfer user login credentials. full article

MasterCard Is Selling Your Data Just in Time for the Holidays

Credit card companies make money by taking a cut every time you swipe your plastic at the checkout counter. Now MasterCard has found a way to make those swipes pay over and over again. full article

October 17, 2012

Oxford arrests bring to light the scope of card theft now Read more: Anniston Star - Oxford arrests bring to light the scope of card theft now

Police believe an arrest in Oxford last week probably prevented a long string of retail thefts using stolen credit card information, but it also highlighted a growing concern in the battle against identity theft. full article

Woman in 2001 flight flap faces ID theft charge

TRAVERSE CITY, Mich. (AP) — A northern Michigan woman who gained national attention for disrupting a flight to China in 2001 has been charged after authorities say she used the driver's license of one of her sisters to get prescription drugs. full article

Troup man receives 25 years for identity theft

JACKSONVILLE — A Troup man described by authorities as a major identity thief was sentenced to to 25 years in prison Monday in connection with charges of tampering with a government document and fraudulent use or possession of identifying information, reports show. full article

North Salem Resident Victim Of Identity Theft

NORTH SALEM, N.Y. - A Candlewood Park resident got a call from his credit protection service on Oct. 13, reporting some suspicious activity on his credit card. The victim then learned that an unknown person had opened a credit-card account in his name, as well as an account with a financial-services company. At this time there is no suspect. full article

Man charged with fraud, identity theft

KISSIMMEE, Fla. (WOFL FOX 35 ORLANDO) - A Kissimmee man has been federally indicted with three counts of mail fraud, five counts of wire fraud, and one count of aggravated identity theft. full article

October 16, 2012

Cyberthieves loot $400,000 from city bank account

Cybertheft comes just days after RSA issued a warning that criminal gang planned massive attacks against U.S. banking customers

Computerworld - Burlington, Wash. officials have notified hundreds of employees and residents that their bank account information was compromised last week when hackers broke into city systems and stole more than $400,000 from a city account at Bank of America. full article

Researchers Identify Banks Targeted In Forthcoming Attack

Bank of America, Chase, Citibank said to be among institutions under the gun from planned Gozi-Prinimalka malware attack

Researchers say they have some 26 banks that are being targeted in an evolving series of attacks on U.S. financial institutions. full article

Protecting Consumer Location Privacy

GAO: Consumer Can't Judge if Data Sharing Puts Privacy at Risk

The U.S. federal government could do more to protect consumers' privacy in dealing with mobile device location data, the Government Accountability Office says in a new report. full article

Chinese arrest 9,000 cyber-crims

Halts online PR racket flooding net with negative reviews

Chinese police have smashed over 700 cyber crime gangs and arrested nearly 9,000 alleged criminals full article

Facebook removes two-factor authentication mobile numbers from search

Mobile phone numbers used for Facebook's 'Login Approvals' account security feature are no longer searchable through the website

IDG News Service - Facebook users who have associated a mobile phone number with their accounts in order to enable the "Login Approvals" security feature can no longer be found on the website based on those phone numbers, the company said Monday. full article

Garry McKinnon Will Not Be Extradited, UK Home Secretary Says

UK Home Secretary Theresa May told members of the Parliament that the extradition of Garry McKinnon to the US would be blocked for human rights reasons. This puts an end to a ten-year battle fought by McKinnon, his supporters and human rights advocates. full article

FBI Launches Safe Online Surfing Internet Challenge

What better way to learn about cyber safety than through games, videos and other interactive features? The US Federal Bureau of Investigation is counting on this in their latest cyber security program called Safe Online Surfing (FBI-SOS). full article

Identity theft not ruled out in fake student case

The University of Auckland is set to tighten security measures at its medicine school after it discovered an imposter had attended classes for two years. full article

Crime Nearby: Identity Theft, Grand Larceny

A Rockville Centre woman pleaded guilty Wednesday after using fake Craigslist ads for nonexistent jobs and apartments to steal steal hundreds of identities nationwide and filing hundreds of fraudulent tax returns, according to the Nassau County District Attorney's Office. Susan Pemberton, 43, of Rockville Centre, pleaded guilty to grand larceny in the third degree, scheme to defraud in the first degree, offering a false instrument for filing, and identity theft in the second degree. She faces two to four years in prison at her Jan. 23 sentencing. full article

Woman suspected in identity theft actually a man, police say

WINTER PARK -- The search for an identity thief in Orange County has taken a strange turn. full article

Man Accused of Stealing Identity of Little Jimmy Dickens, Other Grand Ole Opry Stars

Police in Tennessee have arrested a man believed to have stolen the identity of some of the Grand Ole Opry’s biggest stars, including Little Jimmy Dickens. full article

October 15, 2012

Hackers Steal $400,000 from City of Burlington Accounts in Just One Night

Unknown hackers have managed to steal a total of around $400,000 (312,000 EUR) from a Bank of America account owned by the City of Burlington, Washington. full article

Former LulzSec member guilty in Sony Pictures hack

Raynaldo Rivera admitted his involvement in a cyberattack that resulted in the theft of user information from a Sony Pictures website

IDG News Service - An Arizona man has admitted his involvement in a May 2011 computer attack against the website of Sony Pictures Entertainment that was carried out by the now-defunct LulzSec hacker group. full article

Presidential election spurs malware-laden CNN spam

Spammers taking advantage of the presidential election buzz are delivering the banking trojan Zeus to users who fall for email ploys purporting to come from CNN. full article

Bank Attacks: What Have We Learned?

In the wake of eight sophisticated distributed denial of service attacks aimed at leading U.S. banks in recent weeks, financial institutions are bracing for more. full article

NASA hacker McKinnon to hear extradition fate tomorrow

Summary: After a 10-year legal battle, home secretary Theresa May will reveal whether the UK will send Gary McKinnon to the US to face court charges over hacking NASA and military computers. full article

NullCrew Claims to Have Hacked World Health Organization Again

Hackers of the NullCrew collective claim to have breached another subdomain owned by the World Health Organization ( full article

NZ government network leaking data like a sieve

Updated: Ministry apologises, launches investigation

A row has broken out in New Zealand after a blogger exposed serious security flaws in that country’s job-seeker network. full article

US Military Prepares New Rules for Cyber War: Panetta

WASHINGTON - The United States faces a growing threat of a "cyber-Pearl Harbor" and has drafted new rules for the military that would enable it to move aggressively against digital attacks, Defense Secretary Leon Panetta said late Thursday. full article

Stealing i-cards a new form of identity theft

Identity theft doesn’t always have to involve a stolen credit card or driver’s license. After a University student’s stolen i-card was used at the Undergraduate Library, two Urbana residents were arrested, one of whom was charged with identity theft. full article

TD Bank misplaces personal data tapes

1,000 Canadians with U.S. accounts could be affected

TORONTO — A TD Bank spokeswoman says about 1,000 Canadians with U.S. accounts could be affected after some data tapes containing personal information were misplaced. full article

ID theft victim speaks out about costly crime

SPOKANE -- A Spokane woman whose identify was stolen by a serial thief wishes she could start all over with a new Social Security number. full article

Data Breach Leads to Identity Theft at North West Florida State College

An attack on Northwest Florida State College computer systems resulted in a data breach that has affected nearly 300,000 people and led to reports of identity theft and fraud. full article

8 Indicted After Identity Theft, Unemployment Benefits Scam Busted

DETROIT (WWJ) - Eight individuals were indicted by a federal grand jury in Detroit on charges relating to identity theft, United States Attorney Barbara L. McQuade announced Friday. full article

October 11, 2012

Hackers steal thousands of student records from computers at Florida college

The hack at the Northwest Florida State College is believed to be a job by professional outside hackers

IDG News Service - An information breach at a Florida college has compromised information of about 279,000 students and employees, the Florida Department of Education said on Wednesday. full article

Businesses Remain Scared of Spear-Phishing as Attackers Study Behavior

Scared is a strong word, but the reality, according to a Websense analysis by Patrik Runald, is that spear-phishers, like the ones that compromised a White House network last week, are implementing new evasion tactics, fundamentally changing their attack strategies, and revolutionizing the targeted threat model, giving business executives plenty of reason to worry. full article

Dodging 5 Dangerous Database Default Settings

Out-of-the-box settings and weak configuration of databases make it easier for thieves to break into data stores and harder for IT to quickly detect breaches

Even as enterprises spend buckets of cash on data defenses at various layers of IT infrastructure, many of them sabotage their efforts by ultimately storing that information in poorly configured databases. Whether due to legacy application logistics, convenience to administrators, or lack of awareness by DBAs, databases set up with out-of-the-box settings are all-too-common within the enterprise. full article

“I Will Use a Bomb to Destroy an Airplane,” Computer Virus Says on Victim’s Behalf

Japanese police have arrested three people, accusing them of making death threats via email and discussion forums. However, later, investigators have determined that a piece of malware may have actually posted the threats on their behalf. full article

Ransomware and phish cons target Skype users

Fraudsters are targeting Skype users through two different ruses – one that spreads ransomware by way of instant messages, and another which uses spam to spread the banking trojan Zeus. full article

Cops Seek Couple In Identity Theft Case

WATSONTOWN — Police in Northumberland County are searching a for woman they believe stole her parents’ identity and charged thousands of dollars on credit cards in their name. full article

October 10, 2012

Medicare won't issue new IDs to identity-theft victims

8:30AM EST October 10. 2012 - WASHINGTON -- More than a quarter-million Medicare beneficiaries are potential victims of identity theft and hampered in getting health care benefits because the government won't issue new IDs, according to an investigation report released today. full article

Man accused of identity theft dies

A Grindstone man charged with identity theft for allegedly using the personal information of a deceased infant died on Tuesday. full article

ISPs to monitor peer-to-peer file-sharing in new anti-piracy plan

A long-delayed plan to curb piracy — a collaboration between ISPs, copyright holders and the White House — is set to go into effect by the end of the year. The "six strike" policy for handling those who seek and distribute copyrighted files is described as educational, but also calls for punitive measures. full article

CapOne Site Takes DDoS Hit

SunTrust, Regions Next Expected Targets

The hacktivist group known as Izz ad-Din al-Qassam apparently made good on its threat to take down Capital One Financial Corp.'s online presence Oct. 9. Now industry observers say they're waiting to see if the group's threats against SunTrust Banks and Regions Financial Corp. will be fulfilled later this week as the group has indicated. full article

Flaws allow 3G devices to be tracked

New privacy threats have been uncovered by security researchers that could allow every device operating on 3G networks to be tracked. full article

State worker charged with identity theft

A state tax department employee was arrested Thursday and charged with stealing a man’s identity off of his tax records, according to department police. full article

Controversy over Japanese app that published up to 760,000 personal addresses

A security firm says the Android app put up to 760,000 address book entries from 3,400 users into a searchable public database

October 10, 2012 — IDG News Service — An online debate has broken out over a Japanese mobile app that may have published as many as 760,000 address book records from its users in a publicly searchable database. full article

October 9, 2012

Identity theft leads to nine felonies

Saturday, October 6, 2012 — An Albemarle man faces nine felony counts involving the alleged illegal theft and use of a financial transaction card. full article

Baby Boomers Need to Become More Educated about Digital Security

AVG Survey Shows Group at Risk for Identity Theft, Financial Fraud

AMSTERDAM & SAN FRANCISCO--(BUSINESS WIRE)-- AVG Technologies (NYS: AVG) , the provider of Internet and mobile security to 128 million active users, today announced the findings of its recent 15-city North American digital security survey that show a pressing need for baby boomers to become more educated about digital security. While the original survey identified the top 10 savviest cities for digital protection, numbers also revealed that baby boomers still have a lot of work to do when it comes to safeguarding against identity theft, financial fraud and loss of personal data. full article

Pilfering sysadmin gets four years and $2.3m fine for kit theft

FBI nails Verizon engineer over Cisco scam

A former Verizon network engineer is beginning a four-year jail term after being sentenced for scamming Cisco and Verizon out of millions of dollars worth of kit and fencing it through the reseller community. full article

What An Executive Order On Cybersecurity May Mean For Enterprises

While officials say an executive order could set voluntary security standards, companies worry that it can result in a checklist approach to security

An executive order aimed at bolstering cybersecurity is still in the development phase, but that does not mean enterprises shouldn't start thinking about what it could mean for them. full article

Dorkbot Now Worming Its Way through Skype

The Dorkbot worm that fooled many a Facebook and Twitter user is now socially engineering Skype users into downloading the malware, whose payload now includes a mechanism to lock down machines. full article

Malware-infected computers rented as proxy servers on the black market

Researchers have identified a Trojan program that turns infected computers into SOCKS proxy servers to which access is then sold

IDG News Service - Cybercriminals are using computers infected with a particular piece of malware to power a commercial proxy service that funnels potentially malicious traffic through them, according to security researchers from Symantec. full article

RSA Warning, DDoS Attacks Linked?

Latest Threats Fuel Fears of More Attacks

The next-generation Gozi Trojan threat that security vendor RSA warned about last week is real and requires response, experts say. full article

Identity Theft Scam Targeting Local Bank Of America Customers

FALLS COUNTY - The Falls County Sheriff's Office is notifying the public that they have received reports regarding an identity theft scam recently. The latest target of these scams have been local Bank of America customers. full article

October 4, 2012

81-year-old Waitress Loses Life Savings in Scam

GLENDALE, Calif. (KTLA) -- An 81-year-old Glendale woman was close to retiring after more than 40 years as a waitress, but then she fell victim to a lottery scam that wiped out her life savings. full article

FTC hits scary tech support scammers that make 'virtual mayhem'

Telemarketers pose as tech reps from Microsoft or Symantec, bilk consumers in U.S., U.K., elsewhere for hundreds of dollars to make fake repairs

Computerworld - U.S. officials today struck at six long-running scams, freezing assets of 14 companies charged with bilking consumers by posing as tech support from Microsoft, Symantec and others. full article

Swedish Sites Attacked in Retaliation for Police Raid on Web Host

Several Web sites in Sweden, including the nation's central bank and two government affiliates, were hit with attacks this week, supposedly in retaliation for a police raid on an Internet company tied to The Pirate Bay, the world's largest file sharing site. full article

New data-theft attack technique can run across web

Researchers have detected a "new man-in-the-browser" (MITB) attack method that uses malware capable of stealing users bank or other sensitive information entered on websites. full article

Google to Warn Users About Possible 'State-Sponsored' Attacks

Google has been rather warning-happy lately; from alerts about malware to blocked websites in China. Today, however, the search giant expanded those efforts with security warnings about state-sponsored attacks. full article

AusPost Click and Send security glitch could affect consumer trust: IDC

October 03, 2012 — IDG News Service — While Australia Post has moved to reassure customers that their financial details were not compromised due to a security glitch with its online service Click and Send, a security expert said the incident could affect consumer confidence in the merchant. full article

October 3, 2012

Scareware defendant fined $163M in FTC suit

Ukrainian operation told computer users their PCs were infected and sold them software to fix the bogus problem

IDG News Service - A U.S. judge has imposed a judgment of $163.2 million against a defendant accused by the U.S. Federal Trade Commission of being part of an operation that sold software to people it tricked into thinking their computers were infected with malicious software. full article

Supreme Court Weighs Government Liability Under Credit Reporting Law

The U.S. Supreme Court on Tuesday considered whether the federal government could be liable for money damages by printing confidential credit card information on a customer’s receipt, increasing the risk of identity theft. full article

Police investigating robbery arrest suspects in theft of checks, IDs

Authorities seized 17 stolen checkbooks, check-making software, stolen IDs and more than 300 fake and forged checks after tracking down a vehicle used in a robbery, court papers show. full article

Medical device hacking - FDA are told to start taking it seriously

The US Government Accountability Office (GAO), prodded by Congress, has put out a new report [PDF] recommending that the US Food and Drug Administration (FDA) start thinking about how to secure insulin pumps and implantable cardioverter defibrillators from being vulnerable from targeted attacks. full article

Identity theft ring leader pleads guilty to 80 felony counts

Pak faces 20-year prison terms on multiple felony charges of identity theft

HONOLULU — Pyong "Peter" Pak pleaded guilty Tuesday morning to 80 felony theft counts filed against him in connection with an identity theft ring that victimized hundreds of Oahu residents, according to Prosecuting Attorney Keith Kaneshiro. full article

October 2, 2012

Feds: Notorious Alleged Con Man 'Bobby Thompson' Was Military Spy

Authorities revealed today that they believe "Bobby Thompson," the man accused of using a fake veterans charity to swindle more than $100 million and to rub shoulders with top-level Republicans, is actually a former military intelligence officer named John Donald Cody. full article

Police allege 59-year-old stole identity of baby who died in 1953

A Grindstone man was charged with using the personal information of a baby who died in 1953 to get a Pennsylvania identification card. full article

Bogus Apple Store discount card offer attempts to steal users' identities

Spam messages have been sent out by cybercriminals claiming to reward loyal Apple customers with AU$100 (just over US $100) of credit to spend in-store if they just buy a AU$9 discount card. full article

Living a Lie

Identity Theft that Lasted Decades

When Florida Highway Patrol Trooper Richard Blanco—a member of the FBI’s Joint Terrorism Task Force (JTTF) in Jacksonville—interviewed an individual suspected of driver’s license fraud in 2011, he wasn’t initially sure if the man was the victim or the perpetrator of identity theft. full article

Westport PD: Repeat Offender Arrested for Identity Theft

This was the second time the suspect was arrested for alleged identity theft in Westport.

An identity theft suspect was arrested in Greenwich Wednesday night on a warrant from Westport Police Department that stems from an incident that occurred at First County Bank in April, police said. full article

Tucson woman sentenced in identity theft case

TUCSON, Ariz. (AP) - A Tucson woman who admitted stealing the identities of 15 patients while working at an oncology office has been sentenced to two years in prison. full article

How to Protect Against Identity Theft in College

During Cyber Security Awareness Month, experts offer identity-protection tips to students.

In interviews ahead of National Cyber Security Awareness Month, which runs through the end of October, cyber security experts—both here and abroad—said identity theft is a serious problem, which may require extra vigilance on college campuses. Identity theft can mean anything from users' online bank accounts being compromised to their E-mail accounts being hacked and used to mass-distribute spam. full article

Twitter Authentication Flaw Allows Hackers to Hijack User Accounts

If we had known that Twitter would become so popular, we would all have rushed to register the coolest handles in its early days. Cybercriminals who didn’t do so, but want to have a fancy username anyway, can apparently steal one by leveraging a flaw in the social network’s authentication system. full article

Incident Response: Choose Right Words

A denial of service attack may pose less immediate risk than a data breach - but it's trickier to respond to, says attorney Ronald Raether. What tips does he offer to organizations targeted by DDoS attacks? full article

Former Pirate Bay hoster raided, and shut down by DDoS attack

Raid and the outage are probably unrelated, says hosting service owner

IDG News Service - Former Pirate Bay host went down in the middle of a police raid on Monday, affecting hundreds of hosted sites and thousands of users of PRQ's other services. But the raid and the outage are unlikely to be related, according to PRQ's owner. full article

Hack Attack on City of Tulsa Website Turns Out to Be Part of Penetration Testing

At the end of September we learned that City of Tulsa representatives started sending out alerts, notifying citizens that their names, addresses, social security numbers and other details might have been stolen by cybercriminals. full article

One-fourth of Americans victims of data breach

WASHINGTON (AFP) - Twenty-six percent of Americans have been told their personal information such as password or credit card number may have been exposed by a data breach, a survey showed Monday. full article

California settles with Anthem Blue Cross over data breach

Attorney General Kamala D. Harris today announced a settlement with one of California’s largest health insurers over allegations the company failed to protect the personal information of its members. full article

October 1, 2012

Gauss: Cybersurveillance Aimed at Banks

Malware Attacks Prove Profitable for Hackers

Malware and cyberespionage tools like Gauss are hitting U.S. banking institutions and businesses from all corners of the globe. But why are these sometimes not-so-sophisticated attacks causing so much damage? full article

Pirate Bay founder's detention extended amid tax hack probe

Swedish court orders that Gottfrid Svartholm Warg be detained two more weeks while prosecutors decide whether to charge him

IDG News Service - Pirate Bay founder Gottfrid Svartholm Warg will remain in detention for at least two more weeks while Swedish prosecutors investigate his alleged involvement in the hacking of IT company Logica, a Swedish court ruled Friday. full article

O2 Phishing Scam: Account Maintenance Notification

Customers of UK’s mobile phone and broadband provider O2 should keep an eye out these days for a clever phishing scam that’s designed to steal their account login details. full article

Invited to change your Twitter profile's header image? Beware, it could be drug spam

Inventive spammers are up to their old tricks again, desperate to do whatever it takes to get you to click on a link to their websites. full article

ProjectWestWind: TeamGhostShell hacks and dumps 120,000 records from 100 U.S. and non-U.S. universities

Over on Softpedia, Eduard Kovacs alerts us all to a paste from a group of hackers who call themselves TeamGhostShell. In a paste today on Pastebin, they introduce “ProjectWestWind,” exposing the hacks and vulnerabilities in universities around the world. full article

IEEE says proxy "anomaly" caused 100k password breach

The Institute of Electrical and Electronics Engineers (IEEE) said an issue that arose in conjunction with its proxy server provider is to blame for a breach in which the usernames and passwords of about 100,000 members were exposed to a researcher. full article

Man faces sentencing for ID theft scheme

HARTFORD, Conn. (AP) — A Florida man faces sentencing for participating in what federal authorities say was an extensive identity theft scheme in which he and another man targeted purses in cars. full article

Judge ruled that North Carolina identity protections don’t apply when union bosses retaliate against nonmembers by publicly posting social security numbers

Washington, DC (October 1, 2012) – Today, the U. S. Supreme Court denied a petition to hear a case brought by North Carolina-based AT&T (NYSE: T) employees asking the Court to review two state court decisions regarding a state identity theft law and federal preemption. full article

US Issues Directive to Fight Identity Tax Refund Fraud

As part of an ongoing effort to combat tax refund identity theft, the Justice Department’s Tax Division has issued a new directive to further its efforts and those of the United States Attorneys’ Offices to respond quickly and effectively to such cases. full article


Contact Information

Center for Identity Management and
Information Protection
Dr. Donald Rebovich,
Executive Director
Utica College
1600 Burrstone Road
Utica, NY 13502